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AMENDMENTS TO THE CLAIMS 

Please cancel claims 12, 22, and 32 without prejudice or disclaimer. This listing 
of claims will replace all prior versions, and listings of claims in the application. 

Listing of Claims; 

1 . (Currently Amended) A method for using workflows, comprising the steps of: 
associating workflows with domains one or more groups in a data structur e an 

identity system , each domain id e ntifi e s a portion of said data structur e group including one or 
more users of the identity system ; 

receiving a request to perform a task that pertains to at least one identity profile of 
an entity in said data structur e identity system ; and 

performing a first workflow for said task, said first workflow is associated with a 
first domain group that includes a target identity profile of said request; 

wherein: 

said first workflow comprises a predefined set of steps that perform said 
task to affect the target identity profile , said predefined set of steps comprising a first step 
and a second step; 

said first step is performed by a first program; 

said second step is performed by a second program; 

information is passed between said first program and said second program 
according to a defined set of rules; and 

at least one of the first program and the second program is external to the 

workflow. 

2. (Currently Amended) A method according to claim 1, wherein: 

said step of associating includes associating said first workflow with said first 
domain group , said step of associating said first workflow includes choosing a first entry in said 
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a data structure, said data structure is a hierarchical data structure of entities in the identity 
system , said first domain includes said first entry and entries below said first entry. 

3. (Currently Amended) A method according to claim 2, wherein: 

said step of performing includes identifying one or more workflows associated 
with said target identity profile . 

4. (Currently Amended) A method according to claim 1, wherein: 
said request includes an identification of said target identity profile ; 

said step of performing includes identifying a set of one more workflows that 
perform said task and are associated with domains groups that include said target identity profile , 
said set of one more workflows includes said first workflow. 

5. (Currently Amended) A method according to claim 4, wherein: 
said request is a request to delete said target identity profile . 

6. (Currently Amended) A method according to claim 4, wherein: 
said request is a request to modify said target identity profile . 

7. (Currently Amended) A method according to claim 1, wherein: 

said request includes an identification of said target identity profile ; and 

said step of performing includes the steps of: 

identifying a set of one more workflows that perform said task and are 
associated with domains groups that include said target identity profile , said set of one more 
workflows includes said first workflow, 



reporting said set of one more workflows, 

receiving from a user a selection of said first workflow, and 

performing one or more steps of said first workflow. 



8. 



(Currently Amended) A method according to claim 1, wherein: 
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said step of performing includes identifying workflows for said task, identifying 
domains groups associated with said workflows for said task, and receiving from a user a 
selection of said first workflow. 

9. (Original) A method according to claim 1, wherein: 

said steps of associating, receiving and performing are performed by an integrated 
identity and access system. 

10. (Original) A method according to claim 1 , wherein: 
said request is for self-registration. 

1 1 . (Original) A method according to claim 1 , wherein: 
said request is from a parent workflow; and 

said first workflow is a sub-workflow to said parent workflow. 

12. (Canceled) 

13. (Currently Amended) A method according to claim H 2, wherein: 
said hierarchical data structure includes an LDAP directory. 

14. (Currently Amended) One or more processor readable storage devices having 
processor readable code embodied on said processor readable storage devices, said processor 
readable code for programming one or more processors to perform a method comprising the 
steps of: 

associating workflows with domains one or more groups in a data structur e an 
identity system , each domain identifi e s a portion of said data structur e group including one or 
more users of the identity system ; 

receiving a request to perform a task that pertains to at least one identity profile of 
an entity in said data structur e identity system ; and 

performing a first workflow for said task, said first workflow is associated with a 
first domain group that includes a target identity profile of said request; 
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wherein: 

said first workflow comprises a predefined set of steps that perform said 
task to affect the target identity profile , said predefined set of steps comprising a first step 
and a second step; 

said first step is performed by a first program; 

said second step is performed by a second program; 

information is passed between said first program and said second program 
according to a defined set of rules; and 

at least one of the first program and the second program is external to the 

workflow. 

15. (Currently Amended) One or more processor readable storage devices according 
to claim 14, wherein: 

said step of associating includes associating said first workflow with said first 
domain group , said step of associating said first workflow includes choosing a first entry in said 
a data structure, said data structure is a hierarchical data structure of entities in the identity 
system , said first domain includes said first entry and entries below said first entry. 

16. (Currently Amended) One or more processor readable storage devices according 
to claim 15, wherein: 

said step of performing includes identifying one or more workflows associated 
with said target identity profile . 

17. (Currently Amended) One or more processor readable storage devices according 
to claim 14, wherein: 

said request includes an identification of said target identity profile ; 

said step of performing includes identifying a set of one more workflows that 
perform said task and are associated with domain s groups that include said target identity profile, 
said set of one more workflows includes said first workflow. 
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18. (Currently Amended) One or more processor readable storage devices according 
to claim 14, wherein: 

said request includes an identification of said target identity profile ; and 
said step of performing includes the steps of: 

identifying a set of one more workflows that perform said task and are 
associated with domains groups that include said target identity profile , said set of one more 
workflows includes said first workflow, 

reporting said set of one more workflows, 

receiving from a user a selection of said first workflow, and 

performing one or more steps of said first workflow. 

1 9. (Currently Amended) One or more processor readable storage devices according 
to claim 14, wherein: 

said step of performing includes identifying workflows for said task, and 
identifying domains groups associated with said workflows for said task, receiving from a user a 
selection of said first workflow. 

20. (Original) One or more processor readable storage devices according to claim 14, 
wherein: 

said steps of associating, receiving and performing are performed by an integrated 
identity and access system. 

21. (Original) One or more processor readable storage devices according to claim 14, 
wherein: 

said request is from a parent workflow; and 

said first workflow is a sub-workflow to said parent workflow. 

22. (Canceled) 
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23. (Currently Amended) One or more processor readable storage devices according 
to claim 22 15, wherein: 

said hierarchical data structure includes an LDAP directory. 

24. (Currently Amended) An apparatus that uses workflows, comprising: 
a communication interface; 

one or more processor in communication with said communication interface, said 
one or more processors perform a method comprising the steps of: 

associating workflows with domain s one or more groups in a data 
structure an identity system , each domain id e ntifi e s a portion of said data structur e group 
including one or more users of the identity system ; 

receiving a request to perform a task that pertains to at least one identity 
profile of an entity in said data structur e identity system ; and 

performing a first workflow for said task, said first workflow is associated 
with a first domain group that includes a target identity profile of said request; 

wherein: 

said first workflow comprises a predefined set of steps that 
perform said tas k to affect the target identity profile , said predefined set of steps 
comprising a first step and a second step; 

said first step is performed by a first program; 
said second step is performed by a second program; 
information is passed between said first program and said second 
program according to a defined set of rules; and 

at least one of the first program and the second program is external 
to the workflow. 

25. (Currently Amended) An apparatus according to claim 24, wherein: 

said step of associating includes associating said first workflow with said first 
domain group , said step of associating said first workflow includes choosing a first entry in said 
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a data structure, said data structure is a hierarchical data structure of entities in the identity 
system , said first domain includes said first entry and entries below said first entry. 

26. (Currently Amended) An apparatus according to claim 25, wherein: 

said step of performing includes identifying one or more workflows associated 
with said target identity profile and entries in said hierarchical data structure that are above said 
target identity profile . 

27. (Currently Amended) An apparatus according to claim 24, wherein: 
said request includes an identification of said target identity profile ; 

said step of performing includes identifying a set of one more workflows that 
perform said task and are associated with domains groups that include said target identity profile , 
said set of one more workflows includes said first workflow. 

28. (Currently Amended) An apparatus according to claim 24, wherein: 
said request includes an identification of said target identity profile ; and 
said step of performing includes the steps of: 

identifying a set of one more workflows that perform said task and are 
associated with domains groups that include said target identity profile , said set of one more 
workflows includes said first workflow, 

reporting said set of one more workflows, 

receiving from a user a selection of said first workflow, and 

performing one or more steps of said first workflow. 

29. (Currently Amended) An apparatus according to claim 24, wherein: 
said step of performing includes identifying workflows for said task, and 

identifying domains groups associated with said workflows for said task, receiving from a user a 
selection of said first workflow. 

30. (Original) An apparatus according to claim 24, wherein: 

said one or more processors are part of an integrated identity and access system. 
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3 1 . (Original) An apparatus according to claim 24, wherein: 
said request is from a parent workflow; and 

said first workflow is a sub-workflow to said parent workflow. 

32. (Canceled) 

33. (Currently Amended) An apparatus according to claim 32 25 , wherein: 
said hierarchical data structure includes an LD AP directory. 

34. (Currently Amended) A method according to claim 1, wh e r e in said targ e t is a 
targ e t id e ntity profil e , and w herein said task comprises managing said target identity profile. 

35. (Previously Presented) A method according to claim 34, wherein managing said 
identity profile comprises one or more tasks selected from the group consisting of: creating a 
user, deleting a user, changing a user attribute, creating a group, deleting a group, and changing a 
group attribute. 

36. (Previously Presented) A method according to claim 34, wherein managing said 
identity profile comprises managing a certificate associated with said identity profile. 

37. - 38. (Canceled) 
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